limit OP_PUNCH_HOLE operations to the file size

Before punching a hole in a file, TRIM_OFF_LEN() calls
TRIM_OFF_LEN() in order to make sure the offset and size
used are in a reasonable range.  But currently the range
it's limited to is maxfilelen, which allows the offset
(and therefore offset + len) to be beyond EOF.

Later, do_punch_hole() ignores any request that starts beyond
EOF, so we might as well limit requests to the file size.

It appears that a hole punch request that starts within a
file but whose length extends beyond it is treated simply
as a hole punch up to EOF.  So there's no harm in limiting
the end of a hole punch request to the file size either.

Therefore, use TRIM_OFF_LEN() to put both the the offset
and length of a request within the file size for hole
punch requests.

Signed-off-by: Alex Elder <aelder@sgi.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>

ltp/fsx.c

@@ -1085,7 +1085,7 @@ test(void)
 		break;
 
 	case OP_PUNCH_HOLE:
-		TRIM_OFF_LEN(offset, size, maxfilelen);
+		TRIM_OFF_LEN(offset, size, file_size);
 		do_punch_hole(offset, size);
 		break;
 	default: